Infosec News, BugBounty POC, CTF Writeup, Security Advisories, Approach for Bug Bounty

Hello Readers,Hope you are doing well. In this weekend, i learned about Nmap tool, scanning types, scanning commands and some NSE Scripts from different blogs. I gather good contents , so i want to share my research with you. Hope you like it :) Nmap  : Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running. It was designed to rapidly scan large networks, but works fine against single hosts. NMAP (Image Source Google)   Various TCP/IP protocols Application layer : FTP, HTTP, SNMP, BOOTP, DHCP Transport layer : TCP, UD

What is Bug Bounty? A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs , especially those pertaining to exploits and vulnerabilities.   A reward offered to a perform who identifies an error or vulnerability in a computer program or system. ‘The company boosts security by offering a bug bounty’   Bug Bounty - Image Source Google Bug Bounty Programs Bugcrowd https://www.bugcrowd.com/ Hackerone  https://www.hackerone.com/ Synack https://www.synack.com/ Japan Bug bounty Program https://bugbounty.jp/ Cobalt https://cobalt.io/ Zerocopter https://zerocopter.com/ Bug Bounty- Image Source Google Some Books reading about Bug Hunting There are some books for Web application penetration testing methodology and hunting the web. Through this you learn the basics and essentials of penetration testing and bug hunting. Since bug b